After upgrading to 2.7 over the last weekend, any user attempting to reach the “recordings” (http://freepbxipdaaress/recordings) gets the login/password box for system maintenence. Clicking “Cancel” then brings up the voicemail login page. Users may then enter their extension number and password and proceed as normal except every time they click on something on the page, the password request comes back up. Again clicking on the “Cancel” button allows them to proceed.
They’re not locked out, but it is somewhat annoying.
Is this a setting or configuration issue, or is it a bug that needs to be reported?
I think it has something to do with the frog image in the upper left hand corner of the page. Looks like it is stored in a protected area.
I too have this problem on an upgraded system. There was a previous fix on this issue. I made sure that a copy of the logo exists in the recordings image directory and that did not fix it.
I have not had an opportunity to dig through the http logs and figure out what is going on.
What distro do you run? Look for a .htaccess file in /var/www/html/recordings. There should be none (imho).
What happens if you go to http://“your ip”/recordings/ directly?
The system I am having the issues is a bare bone CentOS/Asterisk/FreePBX.
There is no .htaccess file in any directory off /var/www/html/recordins and my little web front end does go directly to recordings (not launching it within FreePBX).
The only reason I am bringing this up on the FreePBX forum is beacause the problem started after a 2.7 upgrade.
The really odd thing is it is alson happening on a 2.5 system that has been running for a year and has not been updated. I thought it was my issue until this post.
I will keep poking at it and let you know what I found out. The users on the 2.5 system are putting much pressure on me to resolve.
My original install was a TRIXBOX, but I “untrixed” it several years ago, I get the password request even when we go directly to “recordings”. There is NO .htaccess in the directory.
Hmm, that is strange, what “realm” do you get?
Have you tried to clear all cookies for the ip/domain that your pbx have?
Any errors in apache error_log?
Check your apache config files in /etc/httpd/conf and /etc/httpd/conf.d for includes of additional config files. I think that trixbox did include one in /etc/pbx.
That auth is from apache, so it is there you should look for something like:
PLEASE NOTE THAT I HAD TO CHANGE THE < & > to [ & ] SO IT WOULD DISPLAY PROPERLY IN THE POST
You’ll notice that I changed the 1st AuthName to “Secure Area” and the 2nd to Simply “Restricted”.
Now when I get the login request, the Realm Shows “Secure Area” which indicates that the first half is causing the problem.
I REMed out the first half and the the request for a login went away, even for maintenence.
That’s no good, so I unREMmed it.
The way I see it, the only html directory which should be affected it the admin, but right now, that directive is affecting all of the subdirectories in the html root.
Bill, this is puzzling me, I have gone through the code from 2.5 to 2.7 and we don’t supply any files that affects apache other than the standard .htaccess in modules directory.
There must be some kind of configuration error for apache. Did you just upgrade FreePBX 2.5 to 2.7? No yum update?
Bill, change apache LogLevel to debug (/etc/httpd/conf/httpd.conf), stop apache, move error_log and access_log to backup, start apache, clear browser cache then try again. If you get the error, revert logging and look through the log files for any clue where it is picking up auth.
I’m having the same issue.
I just installed the newest PBX in a Flash build, with their Orgasmatron 5.2 installer (http://nerdvittles.com/?p=675), and I then updated FreePBX to 2.7.
Anything I can do to fix this?
Thanks!
I’ve tried about 100 different combinations in the httpd.conf and an .htaccess file in the recordings directory. The best I can tell is that the configuration requiring a password for the maint directory is somehow affecting the recordings directory. I’m at a loss!
Whatever happened was coincidental with the 2.7 upgrade, but this is puzzling.
Any additional ideas will be appreciated. Meanwhile…I’ll keep plugging at it!
Not really sure where to put it…
Any chance someone can upload a fixed httpd.conf file somewhere, so I can try it?
And what’s the command to restart the apache server?
You can put that code snippit anywhere, but for convenience, look to see if there any similar directives in the conf file and put it just before of after it.
Also make sure your images are stored the same place as mine. If you right click on the frog you’ll and click on properites. Under location you’ll get something like:
this issue was brought up to me a few weeks ago and I diagnosed it down to the http basic authentication for the admin directory as well.
Since it was an old trixbox system I didn’t look any further, I just suggested they change to database authentication to remove the problem.
However, I just checked SVN for changes to the images directory and saw nothing. Has anyone tracked down a log entry to what is being accessed there that was not before? All the module have options to add images to that directory (auto-linked through retrieve_conf). However, nothing new at all comes to mind in 2.7 that would have started using something there. Especially with ARI since I don’t believe any changes were done to it in 2.7???